add unit test to cover some of Login::addAppPassword()

model/Login.php

@@ -228,29 +228,11 @@ class Login
 
         $app_pass = pacrypt($app_pass);
 
-        /* maybe we want this
-                if (Config::bool('password_expiration')) {
-                    $domain = $this->getUserDomain($username);
-                    if (!is_null($domain)) {
-                        $password_expiration_value = (int)get_password_expiration_value($domain);
-                        $set['password_expiry'] = date('Y-m-d H:i', strtotime("+$password_expiration_value day"));
-                    }
-                }
-        */
-
-        // As PostgeSQL lacks REPLACE we first check and delete any previous rows matching this ip and user
-        $exists = db_query_all('SELECT id FROM mailbox_app_password WHERE username = :username AND description = :description',
-            ['username' => $username, 'description' => $app_desc,]);
-        if (isset($exists[0])) {
-            foreach ($exists as $x) {
-                db_delete('mailbox_app_password', 'id', $x['id']);
-            }
-        }
 
         $result = db_insert('mailbox_app_password', ['username' => $username, 'description' => $app_desc, 'password_hash' => $app_pass], []);
 
         if ($result != 1) {
-            db_log($domain, 'edit_password', "FAILURE: " . $username);
+            db_log($domain, 'add_app_password', "FAILURE: " . $username);
             throw new \Exception(Config::lang('pAdd_app_password_result_error'));
         }
 

tests/LoginTest.php

@@ -43,7 +43,7 @@ class LoginTest extends \PHPUnit\Framework\TestCase
         db_query('DELETE FROM domain');
     }
 
-    public function testPasswordchange()
+    public function testChangePassword()
     {
         $login = new Login('mailbox');
 
@@ -106,7 +106,7 @@ class LoginTest extends \PHPUnit\Framework\TestCase
         $this->assertFalse($l->login('test@fails.com', 'foobar'));
     }
 
-    public function testValidLogin()
+    public function testInvalidLogin()
     {
         $login = new Login('mailbox');
 
@@ -122,4 +122,31 @@ class LoginTest extends \PHPUnit\Framework\TestCase
         $this->assertFalse($login->generatePasswordRecoveryCode('doesnotexist'));
         $this->assertNotEmpty($login->generatePasswordRecoveryCode('test@example.com'));
     }
+
+    public function testAddAppPasswordIncorrectPassword()
+    {
+        $login = new Login('mailbox');
+        $this->assertTrue($login->login('test@example.com', 'foobar'));
+
+        $this->expectExceptionMessage("You didn't supply your current password!");
+        $this->assertTrue($login->addAppPassword('test@example.com', 'fish', '1st-app-password', 'something'));
+    }
+    public function testAddAppPassword()
+    {
+        $login = new Login('mailbox');
+        $this->assertTrue($login->login('test@example.com', 'foobar'));
+
+        $this->assertTrue($login->addAppPassword('test@example.com', 'foobar', '1st-app-password', 'something'));
+        $this->assertTrue($login->addAppPassword('test@example.com', 'foobar', '1st-app-password', 'something'));
+
+        $rows = db_query_all('SELECT * FROM mailbox_app_password');
+
+        $this->assertEquals(2, count($rows));
+
+        foreach ($rows as $r) {
+            $this->assertEquals('1st-app-password', $r['description']);
+            $this->assertNotEmpty($r['password_hash']);
+            $this->assertEquals('test@example.com', $r['username']);
+        }
+    }
 }